Cydia

Slashdot reported last week on research published by Swiss iPhone developer Nicolas Seriot about security holes in unjailbroken - that's UNjailbroken - iPhones that could potentially compromise email accounts, browser history and even keytaps held in cache. The closed and unmodifiable nature of the stock iPhone OS means that malware could be carried by any app: even one legitimately purchased and downloaded from the App Store.

In a talk on iPhone privacy in Geneva, Seriot described how a malicious application could harvest personal data on a non-jailbroken iPhone (PDF) without using private APIs. The presentation makes several suggestions to Apple on how to make the native iPhone environment more secure. For one thing, Seriot asserts that the keyboard cache on iPhones should be an OS service rather than being easily available to any app. He also recommends that the WiFi connection history be better hidden, and that the App Store review process be expanded to search for potential misuse of data.

Seriot also makes the case that jailbroken iPhones can actually be more secure than stock iPhones, for the simple reason that jailbreakers have access to firewall software. The iPhone worms that were in the news not too long ago made headlines because they attacked jailbroken iPhones, but only those which still had the default SSH password. Once secured and running a firewall, jailbroken devices are harder to break into remotely than non-jailbroken iPhones. This, of course, clearly contradicts Apple’s position that jailbroken devices are more vulnerable, and so may encounter resistance in the mainstream industry press.

Users of all iPhones - jailbroken and not - should be wary of programs from untrustworthy developers, according to Seriot: especially professionals like attorneys, doctors and finance officers who are legally bound to safeguard the privacy of data under their control. Interestingly, he also asserts that user reviews in the App Store are crucial, since customer experiences could save others from attack or validate the integrity of a program. After the recent scandal about faked reviews on the App Store, Apple would do well to keep better control of user feedback: as a security measure, if for no other reason.